/build/static/layout/Breadcrumb_cap_w.png

Updating PCs/Servers using KACE that is offline, no connection to internet

Good Morning Everyone,

Looking for some help and guidance on the best way to go about using KACE in an environment that is "Air gapped".  I just joined the team and have used KACE in a regulare environment where KACE is automatically updated with new patches, dell updates, and Windows feature updates.  However, this enviornment does not have access to the internet. Does KACE have an offline downloadable version of their database that I can upload once a month and still utilize the tools and functions within KACE or do I need to build this out in Task chains or Scripting.  The current administrator is using scripts that they describe as cumbersome. Boss is looking for more of an automation process from KACE as to free up time for Engineers to work on other things. Also, want to try and use the pop up notifications on the PC's for the starting of patches, patching in progress, and patching done with the option to delay for periods of time.  Not sure if this would be easy to accomplish in Task Chains or scripting, but really hoping there is an option to get an offline manual copy of KACE SMA database that we can just upload to the server once a month. 

Current administrator wants to utilize wake on LAN feature.  I've never used this function and have just used the "launch on next reboot".  Is there any advantage to using this option? 

Any and all advice is welcomed and appreciated. Thanks!

Asked 3 days ago 0 views
0 Comments   [ + ] Show comments

Answers (1)

Posted by: Nico_K 3 days ago
Red Belt
2

Endorsed by Nick The Ninja

You need two things:
First two SMAs.
One is the Online SMA (the one who has access to the internet)
One is the Offline SMA (the one who is in the airgapped environment)

The Offline SMA is connected to all the clients and needs to be setup to detect and deploy patches etc. Also it can use the Wake On LAN to do this. 
Best idea would be a regular detect during work time and a task chain to WOL the clients and deploy the patches out of the work schedules.
Since you wrote you have experience with KACE I assume this would be an easy task for you. 

The Online SMA is connected to the Internet with patch labels to get all the important patches in the box. Then you enable Offline Update under Settings|Control Panel | Patch and Feature Update Settings |Configure Offline Update.
The Online Source is the Online SMA. Then you put the downloaded patches on a thumb drive or similar and transfer them with the sneaker network (you put the thumb drive manually to the airgapped network) to the Offline SMA, which can upload it as Offline Target there.
Then it manages the patches like an online SMA

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ